Cybercrime Defense

Hackers Using IM for Cyber Crime

Instant messaging (IM) is the quickest and easiest way to communicate online with friends and coworkers. However, IM is also an increasingly popular way for cyber criminals to distribute worms, viruses, and Trojans, and to commit fraud. Hackers like to target IM because they can use network ports that are already open for the IM client instead of having to open suspicious new ports.

Today, sophisticated multi-faceted attacks are launched through IM as frequently as they are through email. Hackers exploit operating system and browser vulnerabilities to deliver malware like Trojan keyloggers and screen scrapers that steal personal information, and to turn PCs into hijacked “zombies” used to commit crimes.

Password-stealing Trojans allow criminals to pilfer a user’s logon information and impersonate them using a man-in-the-middle attack. If the IM protocols don’t encrypt network traffic, the hacker can slip messages into an existing IM chat session and pretend to be the victim, causing embarrassment and the opportunity for fraud.

See below for the top 10 rules to use to help keep you and your family safe when instant messaging.

Cyber Criminals Take Advantage of IM Features

Cyber criminals exploit IM’s user-friendly features and find potential victims simply by choosing from an updated directory of buddy lists. The cyber criminals also receive a notification each time their victims’ computers are online.

The risks don’t end there. IM networks also support transfer files and use peer-to-peer (P2P) file sharing, making them vulnerable to malware hiding in files. With these weaknesses in mind, hackers use IM to gain backdoor access to unprotected PCs that run P2P. In this scenario, a Trojan typically modifies a computer’s configuration settings to share all files on its hard drive—logins, user IDs and passwords, Quicken files and credit reports, chat logs, emails, and medical and tax records. This can put a family at great risk.

A hacker can also cause a Denial of Service (DoS) attack on an IM client by flooding a particular user with a large number of messages to slow down or crash their machine. Most IM clients protect against DoS attacks by allowing the victim to ignore certain users; but in the midst of an attack, it may be hard to get out from under the flood of messages to ban the sender.

Top 10 Ways to Defend Against IM Threats

Consumers can protect themselves from viruses, worms, and Trojans delivered through IM. By following some basic rules, it’s easy to keep these threats from slowing you down.

Only share your screen name with people you trust, and ask them to keep it private. Only communicate with people on your contact or buddy list. To prevent “spim” (IM spam), use settings to block messages from people you don’t know.

Don’t display your screen name or email address in public places such as Internet directories or personal profiles. Some IM services link your screen name to your email address when you register. Consider setting up a secondary email account if this is the case, since your address could be harvested for phishing attacks.

Never provide private information like account numbers or passwords in an IM conversation. Network sniffers can intercept unencrypted IM traffic. Anti-virus software and a firewall will protect you from Trojans and viruses, but cannot protect your information once it leaves your PC.

Fortify your computer with strong security software and keep it up to date. The McAfee® Internet Security guarantees trusted PC protection from viruses, hackers and spyware. Its cutting-edge features include X-Ray for Windows®, which detects and kills rootkits and other malicious applications that hide from anti-virus programs. Its integrated anti-virus, anti-spyware, firewall, anti-spam, anti-phishing, and backup technologies work together to combat today’s sophisticated, multi-pronged attacks.

Configure your IM application correctly. Make sure it does not open automatically when you fire up your computer. Turn off your computer and disconnect the DSL or modem line when you’re not using it.

Enable automatic Windows updates, or download Microsoft® updates regularly, to keep your operating system patched against known vulnerabilities. Install patches from other software manufacturers as soon as they are distributed. A fully patched computer behind a firewall is the best defense against Trojan and spyware installation.

Configure your anti-virus software to automatically scan all email and IM attachments and downloaded files. Never open attachments from people you don’t know. If you know the sender, contact them to confirm the file is trustworthy. Beware of spam-based phishing schemes—don’t click on links in emails or instant messages.

Be careful when using P2P file sharing with IM. Trojans sit within file sharing programs waiting to be downloaded. Avoid files with the extensions .exe, .scr, .lnk, .bat, .vbs, .dll, .bin, and .cmd. Configure your file settings to limit the folders that other users can access.

Monitor and limit your children's use of IM. Put the computer in a high traffic family area and limit nighttime use. Parental controls in the McAfee security software help parents control the information that their children receive and send.